Abstract [en]

Purpose – This paper seeks to identify and explore critical challenges for the process industry in information technology (IT) infrastructure integration and adaptation.

Design/methodology/approach – An exploratory case study was conducted at a paper mill and their main IT-vendor. Using a qualitative approach eight semi-structured interviews were carried out with representatives from both organizations.

Findings – The paper identifies four critical challenges in the integration and adaptation of IT-infrastructure in the process industry: integration as an ongoing process; maintaining stability in the installed base; locking the right stuff in; and balancing user value, continuity of production and compatibility.

Practical implications – Given the centrality of IT infrastructure in today’s process industries, the importance of dealing with these challenges must be emphasized. The four challenges identified in this study are of such a complexity that they can only lend themselves to the evolutionary strategy. Such a strategy is in concert with the sensibility towards risk found in the paper industry.

Originality/value – This paper contributes by building on and expanding IT-infrastructure literature, as a result of exploring IT-adaptation challenges in process industry organizations. The findings also provide managers with a valuable insight into recognizing and handling these challenges.

In thesis

Öbrand, Lars

Umeå University, Faculty of Social Sciences, Department of Informatics.

2015 (English)Doctoral thesis, comprehensive summary (Other academic)

Abstract [en]

This dissertation investigates the nature and management of information infrastructure risks in organizations. Specifically, it examines how practitioners identify and manage threats towards their organizational aims, and suggests ways of achieving sustainable risk management, in settings characterized by the integration of information technology (IT) and organizational processes. The dissertation is motivated by the difficulties organizations encounter when attempting to leverage IT as an organizational resource and the observation that IT projects have high rates of failure despite three decades of research on and practice of risk management in Information Systems (IS). Three aspects of the underlying logic of existing research and practice on IS risk management are challenged: (1) the infrastructural character of IT is suggested to be consequential for organizational risk management, however not recognized by either IS research on risk or risk experts, (2) risk management is enacted within and across practices beyond the boundaries of formal risk management models, and subsequently, (3) risks are increasingly emergent rather than predictable. To investigate such risks and risk management processes the studies in the dissertation build on information infrastructure theory and practice theory and a qualitative approach.

As the role of IT in organizations has changed significantly over the last decades, so has both practice and research concerned with IT related risks. Research on risk in the field of IS has thus come to encompass a large variety of levels of analysis, risk levels and dimensions, organizational processes and research approaches. An analysis of the extant literature shows that despite this richness, it still does not account, or offer support, for situations characterized by a high degree of uncertainty and equivocality. In these kinds of situations, risks are typically emergent and cannot be identified or managed by the prescriptions found within the IS discourse. However, emergence has long been recognized as a characteristic of the organizational consequences of information technology. Paradoxically, while most IS scholars would recognize the socio-technical, or even sociomaterial, nature of IT, it has had little impact on research on risk in our field.

A key argument in this dissertation is that theories of technology and organizational change within IS are equally valid for practice and research on IT related risk and risk management. Information infrastructure theory has been influential in improving our understanding of the changing nature and role of contemporary IT in organizational processes. It highlights the infrastructural character of IT, technological agency, and the entanglement of IT and organizational practices. Grounded in information infrastructure theory, this dissertation examines how practitioners identify, assess, prioritize and resolve risk in their everyday organizational practices. While risk has been used as a concept to characterize the underlying logic of information infrastructure evolution, scant attention has been paid to the particularities of risk emergence and operational risk management practices. As such, existing IS research on risk management explains why risk emerges but not how. The notion of practice has recently gained momentum in the IS field for its usefulness as an analytical lens in approaching complex, dynamic and emergent phenomena, and it is reflective of information infrastructure theory in its fundamental ontological and epistemological assumptions. All of the papers included in this dissertation build, to varying degrees, on information infrastructure theory and a practice approach.

The dissertation contributes new knowledge to research on information infrastructure risk and risk management in IS by theorizing information infrastructure risk as emergent, interstitial, and rooted in practice and sociomaterial contexts.